Overview

By making multiple OS used on one PC and equalizing the uses of each terminal, Kansai University wanted to improve the learning environment and optimize infrastructure. When a Windows environment was migrated to a VDI, it was essential that incidents such as virus infections of terminals were prevented from occurring. The university was looking for a security product that minimizes load on servers in order to shorten login times for the Windows VDI and start lectures smoothly.

The University achieved an anti-virus solution which offloaded processing via virtual appliances without increasing load on VDI servers. Start-up times were reduced by 30%. Trend Micro’s solution updates anti-virus software pattern files and applies them automatically thereby greatly reducing workload for operational management. By selecting which VDI to boot, the University has achieved a learning environment that can utilize multiple OS.

Challenges

Under the founding motto “Protect justice with authority”, Kansai University has constantly been involved in the development and education of society and its citizens since it was established in 1886. In addition to thirteen faculties, thirteen graduate schools, and three professional graduate schools, the University is also equipped with all educational institutions from pre-school to high school and aims to foster human resources through an integrated schooling system.

The University is also well known for focusing on the importance of IT, computer knowledge and technical skills from an early stage. Since the Faculty of Informatics was established in 1994, it has provided a multifaceted curriculum related to data processing. “From beginner typing lessons to programming and other lectures for more advanced students, we provide science and arts students with a place to acquire a broad IT knowledge. To be specific, we have established dedicated classrooms with machines which are used for lectures and self-study and have either Windows, Mac, or UNIX (Solaris) OS.” explains Kansai University’s Masaki Ogino.

However, there had been a certain problem associated with this type of operating model in the past – an insufficient number of Windows terminals. “There were not enough physical terminals for the number of lectures and students who wanted to use them. Consequently, while they were being used in a lecture, they couldn’t be used for self-study by other students,” Ogino continues. In order to solve the problem, the faculty investigated the deployment of a VDI (Virtual Desktop Infrastructure). With a VDI, it is possible to use OS prepared in a virtual environment without relying on physical terminals.

“It is essential to implement advanced security on servers and terminals accessed by large indefinite numbers of students and Trend Micro Deep Security is essential for creating a secure VDI.”

The University felt that students’ quality of learning would increase if they could use a Windows environment from any terminal at any time. “At the time, we had already prepared a UNIX (Solaris) environment by VDI. By migrating Windows to a VDI as well, we felt that we could create an environment in which it was possible to access either OS from a single terminal,” says Ogino. Furthermore, the faculty also wants to establish a BYOD (Bring Your Own Device) environment in which it would be possible for students to access school systems from their own PCs and smart phones in the future. “We concluded that a VDI platform would be the most effective,” explains Ogino.

Solution

The faculty requested proposals from a number of vendors. In the end, it selected a Fujitsu proposal which adopted VMware vSphere and Horizon (with View) for the Windows VDI virtualized platform. “We proposed this solution as we were impressed with its superior performance aspects such as fast transfer speeds using the PCoIP protocol, as well as a VMware’s solid market track record. The University was also impressed with these aspects,” explains Fujitsu’s Toshiaki Miike.

There was an aspect which had to be considered when deploying the VDI — how to implement security for it. “With a VDI, multiple virtual machines are run on one server. This caused us to worry that running agent-type anti-virus software on each individual machine would overload the system and reduce performance,” says Ogino. In truth the faculty had been facing a problem that their netboot think client system they’d been using takes too much time to start that time for lectures was shortened. In other words, restricting server load to an absolute minimum and achieving fast start-up times was an important condition of the VDI deployment.

Fujitsu chose “Trend Micro™ Deep Security™” as the solution to meet this requirement. Deep Security can perform virus scans as a virtual appliance without installing agents on individual virtual machines. Offloading the processing requirements of individual virtual machines allowed the University to create a secure VDI without affecting performance.

“Deep Security leads the market in compatibility with VMware and deployment results. In addition, the experience that our partner for this project, Fujitsu, had from using it in a number of deployments and builds gave us a sense of security and supported the adoption.”

“Deep Security leads the market in compatibility with VMware and deployment results. In addition, the experience that our partner for this project, Fujitsu, had from using it in a number of deployments and builds gave us a sense of security and supported the adoption,” continues Ogino.

Results

The faculty created a learning environment in which Mac OS, Unix and Windows could be used by adopting Macs for physical terminals and letting users choose a VDI to operate. By also preparing a Windows VDI environment for PCs brought to work by staff in addition to the terminals for students, the faculty built a 340 machine Windows VDI. “We included a total of fourteen VMware vSphere as the virtual platform for Windows, eleven of which were for the VDI and the remaining three were for virtual servers. We used Deep Security to apply an antivirus to each of these,” explains Miike.

During the deployment process, the University compared response times of Deep Security and an agent-type product. “Firstly, we installed an agent-type anti-virus product on individual virtual machines and ran fifty virtual machines simultaneously. We then replaced this with Deep Security and went through the same running procedure,” says Ogino. The results showed that start-up times had decreased by approximately 30% with Deep Security. Now that actual operation has begun, there is no deterioration in response when students simultaneously log in and lectures are able to start smoothly.

Furthermore, with agentless solutions such as Deep Security, operations such as updates and application of anti-virus software pattern file are performed on the server side, which means that update operations do not need to be performed for each terminal. This greatly reduces operational workload. “There have been no incidents so far and we are confident that we have created a system which can instantly detect an incident should something occur,” Ogino says indicating his level of satisfaction.

“We utilized the support of Trend Micro during the project. We are extremely thankful for the fast and accurate response.”

In the future, the faculty plans to expand its VDI learning environment by deploying additional terminals for IT education as they are needed. At the same time, it also wants to start preparations for realizing an environment for the previously mentioned BYOD. “During this process, we want to actively investigate using the features of Deep Security other than the anti-virus that we adopted for the current project. We are expecting Trend Micro to offer us proposals for issues unique to universities and educational institutions, and which take product functions to another level,” concludes Ogino.